The COVID-19 pandemic has obviously brought about huge growth in the number of people working from home. However, while this helps to keep the population safe and slow down the transmission of the virus, remote work is not without its own risks–especially in the area of cybersecurity.
Newly minted remote workers now have much to consider in terms of securing and protecting their new work station. For cyber-criminals, the thought of so many people wobbling around the internet on their remote-working training wheels has similar effects as throwing a bucket of blood and meat into a shark tank.
So, what can you do to make sure your organisation won’t fall victim to the COVID-19 cybercrime feeding frenzy? Let’s take a look:
Review your remote working policy
Make sure your remote working policy is up to date. If your company doesn’t already have a formal remote working policy, now is a good time to create one. This can be pretty basic if your organization is small, but it still needs to include important points like what steps staff need to take to protect sensitive data and documents when working with them outside of the office.
This is one of the reasons a paperless office and fully digitised work environment can better secure your company data. A paperless office with a solid and well-monitored IT policy can protect you from cybercrime and data breaches.
Some sample topics to cover in your remote working policy include:
- When and how to use a VPN, including how to install and/or access your company’s VPN service and make sure it’s working correctly.
- Logging in and changing your password remotely, as well as installing and updating office and other essential software from home.
- Contacting support and asking for help, including how to give remote access and share screens when necessary.
- Avoiding phishing and spear-phishing attacks, securing your password, and other important cybercrime advice.
- Setting up and using security software like antivirus and firewalls, password keepers, and more.
- Installing and using team working apps like Teams or Convene. Not only are these tools essential for remote collaboration but being able to chat and banter is important when it comes to keeping a healthy and effective workforce going remotely long-term.
- Detailed information for the IT department. For instance what capabilities to enable on different types of employee’s mobile devices via mobile device management and why, and which capabilities BYOD (bring your own device) PCs and tablets should have. This needs to be applied organisation-wide to make sure effective security is easy to maintain.
Make sure your IT policy will protect your organization from both ends
You need an IT policy that lets you manage work applications and folders no matter where they are. The Bring Your Own Device (BYOD) era necessitates the ability to strictly manage employees’ access to company data. Your IT policy should favor solutions that allow fine grained access control across devices.
For example, collaboration applications like Convene give system administrators control over what documents and folders certain users can view. From the other end, your IT team will need to tightly monitor external access to company data.
Finally, your employees will need to be educated on how to maintain data security and protect their devices when remotely.
Ensure all employees are aware of common cybercrime risks and how to protect themselves
Advise your employees on common cybercrime traps and self-protection measures. For example, how to securely connect to the internet and company network, which antivirus to use, etc. From knowing how to make use of Have I Been Pwned to checking the security of passwords and their personal accounts through to the ability to assess who an official-looking email is from, security skills for remote workers are an essential part of their protection, and yours.
For instance, knowing that most workers are working remotely is currently encouraging phishing and spear-phishing emails from cybercriminals looking to break into your organisation’s networks. Your employees need to know not to click suspicious links or emails to remain safe from these increasingly common attacks.
Make sure you have the right security in place for your remote workers.
One of the biggest issues with an inexperienced remote workforce device and connection security. While BYOD security policies help, you may also want to invest in a VPN service for the whole organization. This can help to make sure every bit of company data is protected in transit by encryption.
As mentioned earlier, security policies should limit device capabilities to only what each employee needs to be able to do. By limiting access and keeping connections encrypted wherever possible, it becomes easier to keep your company data secure and avoid expensive and reputation-destroying data breaches.
All-in-all, the huge move to remote work is making many workers start to truly appreciate the role that IT plays in securing their daily working lives. Not only is it likely that we will see more remote working after the current crisis, we will also see a lot more people taking personal responsibility for their cybersecurity both inside and outside of work.
In the meantime, companies needs to make sure they take all the steps necessary to keep their remote workforce safe. For more on cybersecurity and remote work, check out our resources here.
Looking for remote working tools? Learn how Convene enables organisations to safely and securely work from home without compromising efficiency here.